MidnightBSD, a FreeBSD-based desktop operating system, has quietly updated its README to reflect a new geographic restriction. The project has added a clause that bars residents of any country, state, or territory with OS-level age verification mandates from using MidnightBSD
Australian legislation specifically notes that all sites must age challenge users connecting via a VPN
That should be fun for people self hosting.
Well, good for them. I’m not Australian, get to vote for Australian lawmakers or host websites in Australia.
Is Australia going to pay every single website admin for the burden of implementing this wonderful magical logic to detect a given source IP(v4) belongs to a VPN provider? What about IPv6?
If I host a simple static website on a static webhost in Denmark say, and provide some otherwise perfectly legal OS ISO’s for download, how would I implement any logic at all? Why the fuck should I be subject to Australian laws?
The cookie acceptance of the GPDR was already bad enough and ruined so much of the Internet with no appreciative improvement of the privacy of visitors. If every Tom, Dick and Harry are going to place spurious demands on every website, it’ll do nothing except raise enormous barriers to entry and ensure that only huge players with the capacity to comply with demands from legislators all over the world will even be able to “legally” run websites at all. And then we can’t have an Internet or FOSS for that matter.
Maybe legislators should stop writing half-baked laws the consequences of which they apparently cannot comprehend.
It applies to websites not hosted in Australia, that may have Australians visiting the site via VPN
Enforcement is going to be interesting to watch
There are already services that catalogue VPN sources for webmasters to implement block lists
That’s why a said static webhost, i.e. paying for the ability to serve files, not run scripts or manage the webserver configuration. Sure, the hosting provider could be made responsible for the implementation, but now they have been encumbered with the burden and liability of policing which hosted sites needs this bullshit enabled and which are just a blog about making strawberry preserves or something.
Point is, it’s complete and utter twattery of the highest order. Never mind enforcement, I don’t even see how it would be reliably or consistently implemented.
And all that is in any case absolutely futile, because there’s still the matter of people being perfectly able of obtaining those self-same ISO’s from any number of other sources that are even more difficult to police, like the ones I originally mentioned, and about a thousand more where they came from.